The present invention is related to computer software and more specifically to computer software for voice recognition.
Many computer systems allow access based on a password. A user of the system identifies himself or herself as having an account on the computer system using a user identifier, such as an account number, and a password. If the user does not enter the correct password for the account, access to the system is denied. Passwords can work well for systems to which a user is connected using a keyboard or keypad. However, because passwords can be surreptitiously obtained by unauthorized users, passwords cannot completely prevent access by unauthorized users, particularly where interception of such passwords is possible.
Conventional speech recognition techniques may be employed to identify a user of a computer system in a manner that can be more secure than passwords entered from a keyboard or keypad of a telephone. The user of the system can speak or enter an account number on a touch-tone telephone keypad and speak a password. Speaker dependent voice recognition techniques can be used in place of a keyed-in password to verify the caller""s identity. The spoken password is matched against a database of spoken passwords to identify if the way the user spoke the password matches the way that user spoke that password during an enrollment process in which the user""s identity was verified.
However, speaking a password makes people feel uncomfortable. First, the user may feel uncomfortable speaking the password with others present. Users tend to reuse passwords from one system to another. Even though someone intercepting the password would find it difficult to use it to gain access to the system that verifies the user""s voice using voice recognition, the same password could be used to gain entry using another non-voice-verified application. The user could select a password that he or she does not use on other systems, but passwords in general are frequently forgotten, and such a password would be even more likely to be forgotten.
One alternative to voice verification of a password is to use a challenge and response system. After the user enters his or her account number, the system randomly selects a word or phrase that the user is prompted to speak. This allows the system to verify the user""s identity without requiring a user to speak an otherwise secret password or even remember any password. However, to properly verify the identity of a user, a lengthy enrollment procedure is often required to allow the user to speak all of the sounds that he or she could be required to speak when responding to a challenge phrase. Users often find such enrollment cumbersome, especially where the words are not logically connected. Without requiring a sufficiently thorough enrollment procedure, accuracy of verification or security of the system can be compromised.
Where it is possible to have multiple users sharing a single account, speaker verification enrollment techniques are further complicated by requiring the user to identify himself or herself using an identifier that is in addition to the account number. For example, if a husband and wife share a brokerage account, during enrollment, each could be prompted to key into a touch-tone telephone keypad the account number and his or her own social security number. However, this would lengthen an enrollment process that for some users is too lengthy no matter how long it is.
What is needed is a method and apparatus that can enroll a user for an accurate and secure voice recognition speaker verification system that does not require the user to remember or speak a secret password and uses a short enrollment process, even for accounts with multiple users.
A method and apparatus enrolls a user for a challenge and response speaker verification system by first requesting the user speak or enter an account number, then requesting the user to speak a number that is known to the user, such as a social security number or other identifier. The spoken social security number can be recognized using speaker independent voice recognition to distinguish between multiple users sharing the same account number. In addition, the spoken social security number is used to extract a voiceprint for the user. The user is prompted to speak a set of additional sequences of numbers generated so that the social security number already spoken and the set of additional sequences includes all of the decimal digits 0-9 a minimum number of times (e.g. three) to provide a complete enrollment record of how a user speaks each decimal digit. A challenge and response procedure can then use a string of decimal digits to provide secure and accurate speaker verification.